Samba and Roaming Profiles (Win2k)

[Craig White]

On Fri, 2003-05-23 at 16:36, Austin Godber wrote:
> Hello,
> 	Has anyone had experience with supporting Win2k roaming profiles on 
> Samba 2.2?  I have machines that aren't properly pulling or pushing the 
> profiles from/to the samba PDC.
> 
----
I have and there are some things that I've been able to make work fairly
nicely with that.

I have enclosed a copy of the smb.conf for this setup that I have used -
YMMV

Craig

if you are going to use this...watch the wrapping of the lines...it is
certain to screw things up

# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
#
# Any line which starts with a ; (semi-colon) or a # (hash) 
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run the command
"testparm"
# to check that you have not many any basic syntactic errors. 
#
#======================= Global Settings
=====================================
[global]
        workgroup = DOMAIN
        server string = Samba Server
        hosts allow = 192.168.1. 192.168.2. 127.
        printcap name = /etc/printcap
        load printers = yes
        printing = lprng
;       guest account = pcguest
        log file = /var/log/samba/%m.log
        max log size = 0
        security = user
;       password server = <NT-Server-Name>
;       password level = 8
;       username level = 8
        encrypt passwords = yes
;       smb passwd file = /etc/samba/smbpasswd
;       ssl CA certFile = /usr/share/ssl/certs/ca-bundle.crt
;       unix password sync = Yes
;       passwd program = /usr/bin/passwd %u
;       passwd chat = *New*UNIX*password* %n\n
*ReType*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
;       username map = /etc/samba/smbusers
;       include = /etc/samba/smb.conf.%m
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
;       interfaces = 192.168.12.2/24 192.168.13.2/24 
;       remote browse sync = 192.168.3.25 192.168.5.255
;       remote announce = 192.168.1.255 192.168.2.44
        local master = yes
        os level = 64
        domain master = yes 
        preferred master = yes
        domain logons = yes
        logon script = logon.bat
        logon drive = H:
;       logon home = \\%L\%U\.profiles
        logon home = \\%L\homes\%U
        logon path = \\server\profiles\%U
        name resolve order = wins lmhosts bcast
        wins support = yes
;       wins server = w.x.y.z
;       wins proxy = yes
        dns proxy = no 
;       preserve case = no
;       short preserve case = no
;       default case = lower
;       case sensitive = no
        hide dot files = yes
        domain admin group = dom_admin
        admin users = Administrator root
        add user script = /usr/sbin/useradd -d /dev/null -g 501 -s
/bin/false -M %u

#============================ Share Definitions
==============================
[homes]
        comment = Home Directories
        path = /samba/homes
        browseable = no
        writable = yes
        create mask = 600
        directory mask = 700

# Un-comment the following and create the netlogon directory for Domain
Logons
[netlogon]
        comment = Network Logon Service
        path = /samba/netlogon
        guest ok = yes
        writable = no
        write list = @dom_admin
        share modes = no

# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
[Profiles]
        path = /samba/profiles
        browseable = no
;       guest ok = yes
        writeable = yes
        create mask = 600
        directory mask = 700

# NOTE: If you have a BSD-style print system there is no need to 
# specifically define each individual printer
[printers]
   comment = All Printers
   path = /var/spool/samba
   browseable = no
# Set public = yes to allow user 'guest account' to print
   guest ok = no
   printable = yes

# This one is useful for people to share files
[files]
        comment = File space
        path = /samba/files
        read only = no
        public = yes
        writeable = yes
        browseable = yes
;       security mask = 0777
;       force security mode = 0
;       directory security mask = 0777
;       force directory security mode = 0
;       force create mode = 0775
;       force directory create mode = 0775
        inherit permissions = yes

# This one is useful for people to share files
[software]
        comment = Software installers & updates
        path = /samba/software
        read only = no
        public = yes
        writeable = yes
        browseable = yes
;       security mask = 777
;       force security mode = 0
;       directory security mask = 777
;       force directory security mode = 0
        inherit permissions = yes

# This one is useful for people to share files
[wp10_pgrm]
        comment = Software installers & updates
        path = /samba/wp10_pgrm
        read only = no
        public = yes
        writeable = yes
        browseable = yes
;       security mask = 777
;       force security mode = 0
;       directory security mask = 777
;       force directory security mode = 0
        inherit permissions = yes

[backup]
        comment = Extra file backup
        path = /backup/
        read only = yes
        public = no
        writeable = no
        browseable = yes
        valid users = tom @dom_admin

[quickbooks]
        comment = File space
        path = /samba/quickbooks
        read only = no
        public = no
        writeable = yes
        browseable = yes
        valid users = tom, @quickbooks
;       security mask = 770
;       force security mode = 0
;       directory security mask = 0770
;       force directory security mode = 0
        inherit permissions = yes